Oracle Identity_manager
23 CVEs affecting Oracle Identity_manager. Latest disclosed: 2026-06-17. Critical: 9, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-10151 | Critical | 10.0 | 2017-10-30 | Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported versions that are affected are 11… |
CVE-2026-35294 | Critical | 9.9 | 2026-06-17 | Vulnerability in the Identity Manager Connector product of Oracle Fusion Middleware (component: Mainframe Connectors). Supported versions that are affected ar… |
CVE-2026-35268 | Critical | 9.9 | 2026-06-17 | Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1… |
CVE-2017-3553 | Critical | 9.9 | 2017-04-24 | Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Rules Engine). The supported version that is affected is 11.1… |
CVE-2026-46807 | Critical | 9.8 | 2026-06-17 | Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM Legacy UI). Supported versions that are affected are 12.2.1.4.0 and… |
CVE-2026-21992 | Critical | 9.8 | 2026-03-20 | Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: REST WebServices) and Oracle Web Services Manager product of Oracl… |
CVE-2025-61757 | Critical | 9.8 | 2025-10-21 | Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 a… |
CVE-2019-2729 | Critical | 9.8 | 2019-06-19 | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6… |
CVE-2017-15095 | Critical | 9.8 | 2018-02-06 | A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code ex… |
CVE-2026-35267 | High | 8.8 | 2026-06-17 | Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 a… |
CVE-2026-35265 | High | 8.8 | 2026-06-17 | Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Security). Supported versions that are affected are 12.2.1.4.0 and 14.1… |
CVE-2021-2458 | High | 7.6 | 2021-07-21 | Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Identity Console). Supported versions that are affected are 11.1.2.2.0, 1… |
CVE-2026-35269 | High | 7.5 | 2026-06-17 | Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 a… |
CVE-2020-2728 | High | 7.5 | 2020-01-15 | Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM - LDAP user and role Synch). The supported version that is affected i… |
CVE-2018-3179 | High | 7.2 | 2018-10-17 | Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Advanced Console). Supported versions that are affected are 1… |
CVE-2026-46810 | Medium | 6.5 | 2026-06-17 | Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: End User Self Service). Supported versions that are affected are 12.2.1… |
CVE-2026-34283 | Medium | 6.1 | 2026-04-21 | Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: Identity Console). Supported versions that are affected are 12.2… |
CVE-2019-11358 | Medium | 6.1 | 2019-04-20 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an… |
CVE-2020-2729 | Medium | 5.4 | 2020-01-15 | Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Advanced Console). Supported versions that are affected are 11.1.2.3.0 an… |
CVE-2021-2457 | Medium | 5.3 | 2021-07-21 | Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Request Management & Workflow). The supported version that is affected is… |